public static IPAddressPermission getIPAddressMask(String mask) { if (StartWithIPAddressPermission.canSupport(mask)) { return new StartWithIPAddressPermission(mask); } else if (ExactIPAddressPermission.canSupport(mask)) { return new ExactIPAddressPermission(mask); } else if (FactorizedIPAddressPermission.canSupport(mask)) { return new FactorizedIPAddressPermission(mask); } else if (NetmaskIPAddressPermission.canSupport(mask)) { return new NetmaskIPAddressPermission(mask); } else if (ExactIPv6AddressPermission.canSupport(mask)) { return new ExactIPv6AddressPermission(mask); } else if (NetmaskIPv6AddressPermission.canSupport(mask)) { return new NetmaskIPv6AddressPermission(mask); } throw new IllegalArgumentException("Mask " + mask + " is not supported."); } }
public void setAsText(final String text) throws IllegalArgumentException { addressMask = IPAddressPermissionFactory.getIPAddressMask(text); }
public void checkHostsAuthorization(InetAddress clientAddress, InetAddress serverAddress) throws SecurityException { // Check the client ip against the server ip. Hosts are // allowed to access themselves, so if these ips // match, the following for loop will be skipped. if (clientAddress.equals(serverAddress)) { return; } for (IPAddressPermission host : hostPermissions) { if (host.implies(clientAddress)) { return; } } throw new SecurityException("Host " + clientAddress.getHostAddress() + " is not authorized to access this service."); }
private void addIPAddressPermissions( final LinkedList<IPAddressPermission> permissions, final String hostname) throws ServiceException { try { final InetAddress[] localIps = InetAddress.getAllByName(hostname); for (final InetAddress localIp : localIps) { if (localIp instanceof Inet4Address) { permissions.add(new ExactIPAddressPermission(localIp.getAddress())); } else { permissions.add(new ExactIPv6AddressPermission(localIp.getAddress())); } } } catch (UnknownHostException e) { throw new ServiceException("Could not get " + hostname + " inet address", e); } }
private void parseAdminIPs(Properties props) throws ServiceException { LinkedList<IPAddressPermission> permissions = new LinkedList<IPAddressPermission>(); String ipString = props.getProperty("only_from"); if (ipString == null) { permissions.add(new PermitAllPermission()); } else { String hostname = "localhost"; addIPAddressPermissions(permissions, hostname); StringTokenizer st = new StringTokenizer(ipString, ", \n\t"); while (st.hasMoreTokens()) { String mask = st.nextToken(); try { permissions.add(IPAddressPermissionFactory.getIPAddressMask(mask)); } catch (IllegalArgumentException iae) { // it could be that it is a hostname not ip address addIPAddressPermissions(permissions, mask); } } } hostPermissions = (IPAddressPermission[]) permissions.toArray(new IPAddressPermission[permissions.size()]); }
public static IPAddressPermission getIPAddressMask(String mask) { if (StartWithIPAddressPermission.canSupport(mask)) { return new StartWithIPAddressPermission(mask); } else if (ExactIPAddressPermission.canSupport(mask)) { return new ExactIPAddressPermission(mask); } else if (FactorizedIPAddressPermission.canSupport(mask)) { return new FactorizedIPAddressPermission(mask); } else if (NetmaskIPAddressPermission.canSupport(mask)) { return new NetmaskIPAddressPermission(mask); } else if (ExactIPv6AddressPermission.canSupport(mask)) { return new ExactIPv6AddressPermission(mask); } else if (NetmaskIPv6AddressPermission.canSupport(mask)) { return new NetmaskIPv6AddressPermission(mask); } throw new IllegalArgumentException("Mask " + mask + " is not supported."); } }
private void addIPAddressPermissions( LinkedList<IPAddressPermission> permissions, String hostname) throws ServiceException { try { InetAddress[] localIps = InetAddress.getAllByName(hostname); for (int i = 0; i < localIps.length; i++) { if (localIps[i] instanceof Inet4Address) { permissions.add(new ExactIPAddressPermission(localIps[i].getAddress())); } else { permissions.add(new ExactIPv6AddressPermission(localIps[i].getAddress())); } } } catch (UnknownHostException e) { throw new ServiceException("Could not get " + hostname + " inet address", e); } }
private void parseAdminIPs(final Properties props) throws ServiceException { final LinkedList<IPAddressPermission> permissions = new LinkedList<IPAddressPermission>(); final String ipString = props.getProperty("only_from"); if (ipString == null) { permissions.add(new PermitAllPermission()); } else { final String hostname = "localhost"; addIPAddressPermissions(permissions, hostname); final StringTokenizer st = new StringTokenizer(ipString, ", \n\t"); while (st.hasMoreTokens()) { final String mask = st.nextToken(); try { permissions.add(IPAddressPermissionFactory.getIPAddressMask(mask)); } catch (IllegalArgumentException iae) { // it could be that it is a hostname not ip address addIPAddressPermissions(permissions, mask); } } } hostPermissions = permissions.toArray(new IPAddressPermission[permissions.size()]); }
public void setAsText(String text) throws IllegalArgumentException { addressMask = IPAddressPermissionFactory.getIPAddressMask(text); }
public void checkHostsAuthorization(final InetAddress clientAddress, final InetAddress serverAddress) throws SecurityException { // Check the client ip against the server ip. Hosts are // allowed to access themselves, so if these ips // match, the following for loop will be skipped. if (clientAddress.equals(serverAddress)) { return; } for (final IPAddressPermission host : hostPermissions) { if (host.implies(clientAddress)) { return; } } rejections.record(); throw new SecurityException("Host " + clientAddress.getHostAddress() + " is not authorized to access this service."); }